Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/v2eA-z1BwCLhHBlsEpTLSUNVRcQ.roa
File: v2eA-z1BwCLhHBlsEpTLSUNVRcQ.roa (raw, json)
Hash identifier: +qHHm1eKMLQGUmtV1sxcT7xVmQjgzx8DIUPeBlh6Npg=
Subject key identifier: BF:67:80:FB:3D:41:C0:22:E1:1C:19:6C:12:94:CB:49:43:55:45:C4
Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Certificate serial: 01856F3927F62D9C70A89922E06C8925C8DA
Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/v2eA-z1BwCLhHBlsEpTLSUNVRcQ.roa
Signing time: Sun 01 Jan 2023 21:24:54 +0000
ROA not before: Sun 01 Jan 2023 21:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5486
IP address blocks: 81.5.0.0/21 maxlen: 21
81.5.16.0/21 maxlen: 21
2001:40a8:2000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:27:f6:2d:9c:70:a8:99:22:e0:6c:89:25:c8:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Validity
Not Before: Jan 1 21:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf6780fb3d41c022e11c196c1294cb49435545c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cd:6a:55:76:74:0e:1c:63:19:9e:28:d5:5e:
76:d2:88:25:ca:ac:9f:f7:90:74:ab:e8:8a:e7:92:
1a:74:53:9a:60:35:e3:0d:75:85:cb:d7:fc:c3:5e:
5b:9f:90:12:2c:ea:e9:e5:25:5f:82:65:1f:ed:d3:
20:06:8c:32:86:92:70:12:2e:4e:7e:46:84:5d:94:
80:47:cf:13:13:0c:ad:8c:d1:06:e5:c3:45:06:6d:
f7:04:a7:1d:63:90:40:c0:45:30:7a:60:c8:8a:49:
43:67:d1:39:4d:d6:28:df:01:97:d5:00:60:92:76:
54:26:48:11:49:4c:81:36:7c:95:59:54:9d:40:4f:
cf:47:28:b5:21:b1:5e:fd:bf:99:db:d1:7c:96:7e:
95:fa:40:92:00:98:3b:73:f2:20:5c:aa:04:31:e2:
88:ef:ed:f6:95:90:2d:73:4e:a0:d5:c0:92:2e:de:
66:1e:ad:a8:bf:57:84:5a:0d:d0:46:52:7c:3c:db:
13:32:4c:b3:35:19:3d:b0:4b:b6:91:75:35:55:56:
4f:b1:63:8e:2b:18:66:5a:0a:c7:e0:6e:e8:b7:0b:
43:f2:03:ef:0a:84:a7:63:82:fd:2b:60:7b:a5:b3:
1b:b1:87:98:f0:16:fe:f0:0e:96:a9:50:20:a1:85:
9d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:67:80:FB:3D:41:C0:22:E1:1C:19:6C:12:94:CB:49:43:55:45:C4
X509v3 Authority Key Identifier:
keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/v2eA-z1BwCLhHBlsEpTLSUNVRcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.0.0/21
81.5.16.0/21
IPv6:
2001:40a8:2000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:a6:5e:60:ab:0a:60:fb:63:e4:40:27:b9:a9:a3:ea:cc:29:
69:92:70:cd:cd:83:bd:89:ca:f6:1c:63:e5:03:35:6b:bb:ab:
db:07:97:0d:b7:24:f4:72:ad:c1:77:62:69:b8:46:a6:02:13:
33:44:72:4b:ea:41:d7:5b:ab:89:55:a8:5a:e2:0f:80:e3:16:
d6:f2:33:d3:c4:fc:e6:33:90:31:fd:a3:0f:75:29:e5:44:3d:
87:f4:58:5e:a9:98:96:76:26:56:67:ec:96:08:a9:b9:f5:c6:
f4:98:f7:a7:ac:d2:91:52:16:08:8d:86:d4:86:3b:1c:82:a8:
c0:3f:d8:d6:6f:f9:2d:0e:99:4c:a0:8a:3b:d0:26:22:22:06:
17:c1:cd:15:71:84:4b:62:30:0b:7a:84:94:8d:da:6e:2f:6d:
a3:d7:cc:33:52:8f:5f:2c:05:1c:7d:f0:20:9b:72:bf:73:c4:
f3:88:de:32:65:2e:98:ec:c7:17:b8:cf:f8:68:9e:88:aa:05:
42:23:c9:b7:60:cc:fa:82:43:3d:26:b6:a7:bb:16:db:8f:37:
4c:56:cf:cc:c8:11:fb:88:ac:73:b3:89:bc:47:ad:49:2c:95:
f5:f0:89:89:55:33:a7:cf:fb:3c:49:d8:cb:e1:cf:49:d7:e1:
a2:b2:d3:e1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvOSf2LZxwqJki4GyJJcjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk
NzY0NzMwHhcNMjMwMTAxMjEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjY3ODBmYjNkNDFjMDIyZTExYzE5NmMxMjk0Y2I0OTQzNTU0NWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv81qVXZ0DhxjGZ4o1V520oglyqyf
95B0q+iK55IadFOaYDXjDXWFy9f8w15bn5ASLOrp5SVfgmUf7dMgBowyhpJwEi5O
fkaEXZSAR88TEwytjNEG5cNFBm33BKcdY5BAwEUwemDIiklDZ9E5TdYo3wGX1QBg
knZUJkgRSUyBNnyVWVSdQE/PRyi1IbFe/b+Z29F8ln6V+kCSAJg7c/IgXKoEMeKI
7+32lZAtc06g1cCSLt5mHq2ov1eEWg3QRlJ8PNsTMkyzNRk9sEu2kXU1VVZPsWOO
KxhmWgrH4G7otwtD8gPvCoSnY4L9K2B7pbMbsYeY8Bb+8A6WqVAgoYWdNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL9ngPs9QcAi4RwZbBKUy0lDVUXEMB8GA1UdIwQY
MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm
LWVmZDE0ZGI5NTdmYi8xL3YyZUEtejFCd0NMaEhCbHNFcFRMU1VOVlJjUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm
Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNQYIKwYBBQUHAQcBAf8EJjAkMBIEAgABMAwDBANRBQAD
BANRBRAwDgQCAAIwCAMGACABQKggMA0GCSqGSIb3DQEBCwUAA4IBAQAspl5gqwpg
+2PkQCe5qaPqzClpknDNzYO9icr2HGPlAzVru6vbB5cNtyT0cq3Bd2JpuEamAhMz
RHJL6kHXW6uJVaha4g+A4xbW8jPTxPzmM5Ax/aMPdSnlRD2H9FheqZiWdiZWZ+yW
CKm59cb0mPenrNKRUhYIjYbUhjscgqjAP9jWb/ktDplMoIo70CYiIgYXwc0VcYRL
YjALeoSUjdpuL22j18wzUo9fLAUcffAgm3K/c8TziN4yZS6Y7McXuM/4aJ6IqgVC
I8m3YMz6gkM9JranuxbbjzdMVs/MyBH7iKxzs4m8R61JLJX18ImJVTOnz/s8SdjL
4c9J1+GistPh
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:49 2025 by rpki-client